Rewterz Threat Advisory – CVE-2022-28394 – Trend Micro Password Manager Vulnerability
May 13, 2022Rewterz Threat Alert – Panda Stealer Malware – Active IOCs
May 13, 2022Rewterz Threat Advisory – CVE-2022-28394 – Trend Micro Password Manager Vulnerability
May 13, 2022Rewterz Threat Alert – Panda Stealer Malware – Active IOCs
May 13, 2022Severity
High
Analysis Summary
CVE-2022-1405 CVSS:7.8
The affected product does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.
CVE-2022-1404 CVSS:3.3
The affected product does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
Impact
Arbitrary Code Execution
Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-1405
- CVE-2022-1404
Affected Vendors
Delta Electronics
Affected Products
CNCSoft: All versions prior to 1.01.32
Remediation
Refer to CISA-CERT Advisory for the patch, upgrade, or suggested workaround information.